Chip manufacturer ARM has published a security advisory in which it says it has addressed a very serious vulnerability affecting the popular Mali GPU drivers.
The vulnerability, tracked as CVE-2023-4211, has reportedly been used in “limited, targeted exploitation” attacks, the company added. It is described as improper access to exposed memory, and could also be used to compromise or manipulate sensitive data.
According to BleepingComputer, potentially vulnerable devices also include the Samsung Galaxy S20/S20 FE, Xiaomi Redmi K30/K40, Motorola Edge 40 and OnePlus Nord 2.
Affected driver versions include Midgard GPU kernel driver (all versions from r12p0 to r32p0), Bifrost GPU kernel driver (all versions from r0p0 to r42p0), Valhall GPU kernel driver (all versions from r19p0 to r42p0), and Arm 5th Gen GPU architecture kernel driver (all versions from r41p0 to r42p0).
ARM said it has fixed the issue for the Bifrost, Valhall and Arm 5th Gen GPU architecture in kernel driver version r43p0, so if you’re concerned about being compromised, make sure you keep your endpoints up to date. Because it is an older model, Midgard is no longer supported and will therefore not receive a patch.
While ARM said the vulnerability was being used in the wild for “limited, targeted exploitation,” it did not elaborate. However, we do know that the flaw was discovered by Google’s Threat Analysis Group (TAG) and Project Zero. TAG is known for tracking and analyzing state-sponsored threat actors, which are also known to conduct targeted attacks, rather than casting a wide net.
Elsewhere in the advisory, ARM has detailed a number of other vulnerabilities: CVE-2023-33200 and CVE-2023-34970, which affect Bifrost, Valhall, and Arm 5th Gen GPU architecture kernel driver versions up to r44p0. The company recommends that users install the r44p1 and r45p0 upgrades.
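The version ranges quoted above can be turned into a quick inventory check. The following Python sketch is an added example, not code from ARM or BleepingComputer; the family labels (`midgard`, `bifrost`, `valhall`, `5thgen`) and function names are hypothetical, and the lower bound of r0p0 for CVE-2023-33200 and CVE-2023-34970 is an assumption because the article only gives the upper bound.

```python
import re

# Inclusive (release, patch) ranges as quoted in the article.
# Assumption: the two later CVEs start at r0p0 (the article gives only "up to r44p0").
AFFECTED = {
    "CVE-2023-4211": {
        "midgard": ((12, 0), (32, 0)),
        "bifrost": ((0, 0), (42, 0)),
        "valhall": ((19, 0), (42, 0)),
        "5thgen": ((41, 0), (42, 0)),
    },
    "CVE-2023-33200/CVE-2023-34970": {
        fam: ((0, 0), (44, 0)) for fam in ("bifrost", "valhall", "5thgen")
    },
}
UNSUPPORTED = {"midgard"}  # per the article, Midgard will not receive a patch

_VERSION = re.compile(r"^r(\d+)p(\d+)$")


def parse_version(text):
    """Parse a driver release string such as 'r42p0' into the tuple (42, 0)."""
    match = _VERSION.match(text.strip().lower())
    if not match:
        raise ValueError(f"not an rXpY driver version: {text!r}")
    return int(match.group(1)), int(match.group(2))


def assess(family, version):
    """Return (advisories whose range covers this driver, recommended action)."""
    fam = family.strip().lower()
    if fam not in AFFECTED["CVE-2023-4211"]:
        raise ValueError(f"unknown driver family: {family!r}")
    ver = parse_version(version)
    # Tuples compare release first, then patch level, so r44p1 > r44p0.
    hits = [cve for cve, ranges in AFFECTED.items()
            if fam in ranges and ranges[fam][0] <= ver <= ranges[fam][1]]
    if not hits:
        return hits, "none"
    # An affected but unsupported family has no fixed release to move to.
    return hits, "no-patch" if fam in UNSUPPORTED else "upgrade"


if __name__ == "__main__":
    # Constructed sample inventory, not real device data.
    for fam, ver in [("valhall", "r42p0"), ("bifrost", "r44p1"), ("midgard", "r20p0")]:
        print(fam, ver, assess(fam, ver))
```

A driver at r43p0 is clear of CVE-2023-4211 but still falls inside the range given for the two later CVEs, which is why the check reports it as needing an upgrade.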
Via BleepingComputer